摘要 |
A network security device is disclosed which does not require a separate computer to implement. The device may be in the form of a boxed hardware component and is preferably configured from an HTML interface. It contains and uses three network cards. The first two cards (80, 110) are used for the firewall. A third card is a management interface having a private, not publicly routed IP address. The first network card forwards packets to a packet filter (90). Packets which pass the filter (100) are forwarded to the second network card (110) and subsequently to their destination. None of these cards have a publicly routed IP address. The device acts as a packet filter which bridges rather than routes or proxies. It may be located between a router and a hub or server machine. |